Description
An out-of-bounds read in Organization Specific TLV was found in various versions of Open vSwitch.
Base Score: 9.8 CRITICAL
https://www.openwall.com/lists/oss-security/2022/12/21/4
______________________________
Description
An integer underflow in Organization Specific TLV was found in various versions of Open vSwitch.
Base Score: 9.8 CRITICAL
https://www.openwall.com/lists/oss-security/2022/12/21/4
_______________________________
Description
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid_parameter_transform. This issue may lead to memory problems.
Base Score: 7.8 HIGH
https://bugzilla.redhat.com/show_bug.cgi?id=2126720
CVE-2022-2536 Description The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the ‘tp_translation’ AJAX action which makes it possible for unauthenticated attackers to bypass any restrictions and influence the data shown on […]
CVE-2020-14349 Description It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication. Base Score: 7.1 […]
CVE-2022-20803 Description A vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to incorrect use of the realloc function that may result in a double-free. An attacker could exploit this […]